Option to disable padding extension.

[openssl.git] / ssl / s3_clnt.c

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 0b9c84d3bfc28bad780626c5824983bea47df146..9a0b1bda8e18178d065747281a4b6bc71187f374 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -240,6 +240,13 @@ int ssl3_connect(SSL *s)
                                ret = -1;
                                goto end;
                                }
+
+                       if (!ssl_security(s, SSL_SECOP_VERSION, 0,
+                                                       s->version, NULL))
+                               {
+                               SSLerr(SSL_F_SSL3_CONNECT, SSL_R_VERSION_TOO_LOW);
+                               return -1;
+                               }
                                
                        /* s->version=SSL3_VERSION; */
                        s->type=SSL_ST_CONNECT;
@@ -871,8 +878,7 @@ int ssl3_client_hello(SSL *s)
                *(p++)=1;
 #else
 
-               if ((s->options & SSL_OP_NO_COMPRESSION)
-                                       || !s->ctx->comp_methods)
+               if (!ssl_allow_compression(s) || !s->ctx->comp_methods)
                        j=0;
                else
                        j=sk_SSL_COMP_num(s->ctx->comp_methods);
@@ -1079,9 +1085,7 @@ int ssl3_get_server_hello(SSL *s)
        /* If it is a disabled cipher we didn't send it in client hello,
         * so return an error.
         */
-       if (c->algorithm_ssl & ct->mask_ssl ||
-               c->algorithm_mkey & ct->mask_k ||
-               c->algorithm_auth & ct->mask_a)
+       if (ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_CHECK))
                {
                al=SSL_AD_ILLEGAL_PARAMETER;
                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
@@ -1150,7 +1154,7 @@ int ssl3_get_server_hello(SSL *s)
                }
        if (j == 0)
                comp=NULL;
-       else if (s->options & SSL_OP_NO_COMPRESSION)
+       else if (!ssl_allow_compression(s))
                {
                al=SSL_AD_ILLEGAL_PARAMETER;
                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_COMPRESSION_DISABLED);
@@ -1292,6 +1296,12 @@ int ssl3_get_server_certificate(SSL *s)
                goto f_err; 
                }
        ERR_clear_error(); /* but we keep s->verify_result */
+       if (i > 1)
+               {
+               SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, i);
+               al = SSL_AD_HANDSHAKE_FAILURE;
+               goto f_err;
+               }
 
        sc=ssl_sess_cert_new();
        if (sc == NULL) goto err;
@@ -1711,6 +1721,14 @@ int ssl3_get_key_exchange(SSL *s)
                p+=i;
                n-=param_len;
 
+               if (!ssl_security(s, SSL_SECOP_TMP_DH,
+                                               DH_security_bits(dh), 0, dh))
+                       {
+                       al=SSL_AD_HANDSHAKE_FAILURE;
+                       SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_DH_KEY_TOO_SMALL);
+                       goto f_err;
+                       }
+
 #ifndef OPENSSL_NO_RSA
                if (alg_a & SSL_aRSA)
                        pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
@@ -3382,8 +3400,13 @@ int ssl3_send_client_certificate(SSL *s)
        if (s->state == SSL3_ST_CW_CERT_C)
                {
                s->state=SSL3_ST_CW_CERT_D;
-               ssl3_output_cert_chain(s,
-                       (s->s3->tmp.cert_req == 2)?NULL:s->cert->key);
+               if (!ssl3_output_cert_chain(s,
+                       (s->s3->tmp.cert_req == 2)?NULL:s->cert->key))
+                       {
+                       SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+                       ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+                       return 0;
+                       }
                }
        /* SSL3_ST_CW_CERT_D */
        return ssl_do_write(s);
@@ -3644,8 +3667,8 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip)
                        if (!record->fn2)
                                continue;
                        cb_retval = record->fn2(s, record->supp_data_type,
-                                                                       &out, &outlen, &al,
-                                                                       record->arg);
+                                               &out, &outlen, &al,
+                                               record->arg);
                        if (cb_retval == -1)
                                continue; /* skip this supp data entry */
                        if (cb_retval == 0)
@@ -3669,11 +3692,11 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip)
                                p = (unsigned char *)s->init_buf->data;
                                *(p++) = SSL3_MT_SUPPLEMENTAL_DATA;
                                /* update message length when all
-                               * callbacks complete */
+                                * callbacks complete */
                                size_loc = p;
                                /* skip over handshake length field (3
-                               * bytes) and supp_data length field
-                               * (3 bytes) */
+                                * bytes) and supp_data length field
+                                * (3 bytes) */
                                p += 3 + 3;
                                length += 1 +3 +3;
                                }
@@ -3708,8 +3731,8 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip)
        return 1;
 
        f_err:
-               ssl3_send_alert(s,SSL3_AL_FATAL,al);
-               return 0;
+       ssl3_send_alert(s,SSL3_AL_FATAL,al);
+       return 0;
        }
 
 int tls1_get_server_supplemental_data(SSL *s)
@@ -3719,18 +3742,18 @@ int tls1_get_server_supplemental_data(SSL *s)
        long n;
        const unsigned char *p, *d;
        unsigned short supp_data_entry_type = 0;
-       unsigned long supp_data_entry_len = 0;
+       unsigned short supp_data_entry_len = 0;
        unsigned long supp_data_len = 0;
        size_t i;
        int cb_retval = 0;
 
        n=s->method->ssl_get_message(s,
-                                       SSL3_ST_CR_SUPPLEMENTAL_DATA_A,
-                                       SSL3_ST_CR_SUPPLEMENTAL_DATA_B,
-                                       SSL3_MT_SUPPLEMENTAL_DATA,
-                                       /* use default limit */
-                                       TLSEXT_MAXLEN_supplemental_data,
-                                       &ok);
+                                    SSL3_ST_CR_SUPPLEMENTAL_DATA_A,
+                                    SSL3_ST_CR_SUPPLEMENTAL_DATA_B,
+                                    SSL3_MT_SUPPLEMENTAL_DATA,
+                                    /* use default limit */
+                                    TLSEXT_MAXLEN_supplemental_data,
+                                    &ok);
 
        if (!ok) return((int)n);
 
@@ -3752,10 +3775,11 @@ int tls1_get_server_supplemental_data(SSL *s)
                for (i=0; i < s->ctx->cli_supp_data_records_count; i++)
                        {
                        if (s->ctx->cli_supp_data_records[i].supp_data_type == supp_data_entry_type &&
-                               s->ctx->cli_supp_data_records[i].fn1)
+                           s->ctx->cli_supp_data_records[i].fn1)
                                {
                                cb_retval = s->ctx->cli_supp_data_records[i].fn1(s, supp_data_entry_type, p,
-                               supp_data_entry_len, &al, s->ctx->cli_supp_data_records[i].arg);
+                                                                                supp_data_entry_len, &al,
+                                                                                s->ctx->cli_supp_data_records[i].arg);
                                if (cb_retval == 0)
                                        {
                                        SSLerr(SSL_F_TLS1_GET_SERVER_SUPPLEMENTAL_DATA, ERR_R_SSL_LIB);
@@ -3766,8 +3790,8 @@ int tls1_get_server_supplemental_data(SSL *s)
                p += supp_data_entry_len;
                }
        return 1;
-       f_err:
-               ssl3_send_alert(s,SSL3_AL_FATAL,al);
-               return -1;
+f_err:
+       ssl3_send_alert(s,SSL3_AL_FATAL,al);
+       return -1;
        }
 #endif